Phishing Watchdog – Stay Safe with Instant Alerts

City of Tulsa’s online services disrupted in ransomware incident

10th May 2021 | Target: Tulsa, Oklahoma | Reported Here

The City of Tulsa is having to relearn how to do their jobs without computers.

“We have shut our computer systems at the city down to prevent any spread of that malware on our networks,” said Tulsa Mayor GT Bynum.

The city announced today that this piece of ransomware got into the system on April 21.


[above via Ktul post] Update 1 


Ransomware gangs have leaked the stolen data of 2,100 companies so far

8th May 2021 | Target: Multiple Individuals and Businesses | Reported Here

Since 2019, ransomware gangs have leaked stolen data from 2,103 companies on dark web data breach sites.

When modern ransomware operations began in 2013, the attacker’s goal was to encrypt as many companies as possible and then demand a ransom for a decryptor.

From the beginning of 2020, ransomware operations began to carry out a new tactic called double extortion.


[above via News Block post]  


Cyberattack Forces a Shutdown of a Top U.S. Pipeline

8th May 2021 | Target: Colonial Pipeline | Reported Here

Colonial Pipeline, the largest fuel pipeline in the United States, has shut down operations after suffering what is reported to be a ransomware attack.

Colonial Pipeline transports refined petroleum products between refineries located in the Gulf Coast and markets throughout the southern and eastern United States. The company transports 2.5 million barrels per day through its 5,500 mile pipeline and provides 45% of all fuel consumed on the East Coast.


[above via Bleeping Computer post]  Update 1 / Update 2


Codecov starts notifying customers affected by supply-chain attack

30th April 2021 | Target: Codecov | Reported Here

A few hours ago, Codecov started notifying the maintainers of the software repositories affected by the recent supply-chain attack.

These notifications, delivered both via email and via the Codecov application interface, state that the company believes the affected repositories were downloaded by threat actors.

The original security advisory published by Codecov lacked indicators of compromise (IOCs) due to a pending investigation.


[above via News Block post]  Update 1


Brazil’s Rio Grande do Sul court system hit by REvil ransomware

29th April 2021 | Target: Brazilian judiciary | Reported Here

The Court of Justice of the State of Rio Grande do Sul in Brazil suffered a REvil ransomware attack yesterday that encrypted employee files and forced the courts to shut down their network.

Tribunal de Justiça do Estado do Rio Grande do Sul (TJRS) is the judicial system of the Brazilian state of Rio Grande do Sul.


[above via News Block post]  Update 1


DigitalOcean data breach exposes customer billing information

28th April 2021 | Target: DigitalOcean | Reported Here

DigitalOcean has emailed customers warning of a data breach involving customers’ billing data, TechCrunch has learned.

The cloud infrastructure giant told customers in an email on Wednesday, obtained by TechCrunch, that it has “confirmed an unauthorized exposure of details associated with the billing profile on your DigitalOcean account.” The company said the person “gained access to some of your billing account details through a flaw that has been fixed” over a two-week window between April 9 and April 22.


[above via Techcrunch post]  Update 1 / Update 2


Reverb discloses data breach exposing musicians’ personal info

26th April 2021 | Target: Reverb | Reported Here

Reverb, a popular online marketplace for musical instruments, has suffered a data breach and is now notifying its users. According to the company, a database containing the PII of its customers was leaked online for a while and was secured immediately after the exposure was noticed. Reverb suggested that customers change their passwords for good measure, as they regularly do, but did not mention how this had happened.


[above via The Hack Post post]  Update 1 / Update 2


DC Police confirms cyberattack after ransomware gang leaks data

26th April 2021 | Target: D.C. police department | Reported Here

Files belonging to the Washington, D.C., Metropolitan Police Department appeared Monday on a leak site affiliated with a relatively new form of ransomware.

In images posted to their site, actors associated with the Babuk malware, which was first identified earlier this year, claimed to have stolen upward of 250 gigabytes of data from D.C. police, including police reports, arrest records, internal memos and documents shared with other authorities, like the FBI.


[above via The Hack Post post]  Update 1 / Update 2


Hacker leaks 20 million alleged BigBasket user records for free

25th April 2021 | Target: BigBasket | Reported Here

A database of about 20 million alleged BigBasket users has leaked on a well-known cybercrime forum, months after the Indian grocery delivery startup confirmed it had faced a data breach.

The database includes users’ email address, phone number, address, scrambled password, date of birth, and scores of interactions they had with the service. TechCrunch confirmed details of some customers listed in the database — including those of the author.


[above via Techcrunch post]  Update 1 / Update 2


A ransomware gang made $260,000 in 5 days using the 7zip utility

24th April 2021 | Target: QNAP NAS | Reported Here

A ransomware gang has made $260,000 in just five days simply by remotely encrypting files on QNAP devices using the 7zip archive program.

Starting on Monday, QNAP NAS users from all over the world suddenly found their files encrypted after a ransomware operation called Qlocker exploited vulnerabilities on their devices.


[above via Bleeping Computer post]  Update 1